Luca Deri

6 exploits Active since Jul 2018
CVE-2018-12520 WRITEUP HIGH WRITEUP
ntopng <3.4.180617 - Info Disclosure
An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of session IDs is not seeded at program startup. This results in deterministic session IDs being allocated for active user sessions. An attacker with foreknowledge of the operating system and standard library in use by the host running the service and the username of the user whose session they're targeting can abuse the deterministic random number generation in order to hijack the user's session, thus escalating their access.
CVSS 8.1
CVE-2020-15471 WRITEUP CRITICAL WRITEUP
ndpi < 3.2 - Heap-Based Buffer Over-Read in Packet Parsing
In nDPI through 3.2, the packet parsing code is vulnerable to a heap-based buffer over-read in ndpi_parse_packet_line_info in lib/ndpi_main.c.
CVSS 9.1
CVE-2020-15472 WRITEUP CRITICAL WRITEUP
ntop nDPI < 3.2 - Out-of-bounds Read in H.323 Dissector
In nDPI through 3.2, the H.323 dissector is vulnerable to a heap-based buffer over-read in ndpi_search_h323 in lib/protocols/h323.c, as demonstrated by a payload packet length that is too short.
CVSS 9.1
CVE-2020-15473 WRITEUP CRITICAL WRITEUP
ndpi < 3.2 - Heap-Based Buffer Over-Read in OpenVPN Dissector
In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c.
CVSS 9.1
CVE-2021-36082 WRITEUP HIGH WRITEUP
ntop nDPI 3.4 - Stack-based Buffer Overflow in processClientServerHello
ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello.
CVSS 8.8
CVE-2025-25066 WRITEUP HIGH WRITEUP
nDPI < 4.12 - Stack-based Buffer Overflow in ndpi_address_cache_restore
nDPI through 4.12 has a potential stack-based buffer overflow in ndpi_address_cache_restore in lib/ndpi_cache.c.
CVSS 8.1